The prior art describes a wide variety of devices to provide physical security to protect objects from unauthorized removal. Generally, such protected objects have macroscopic qualities. However, there is a need to provide for security of information rather than objects. The breach in security required to surreptitiously withdraw information may be minuscule as compared to the breach required to withdraw a physical object. Hence the security provisions for information may be different in kind from that required to protect objects.
For the protection of programs or data contained in machine-readable form, the computer industry has traditionally relied on the physical security of the computer installation itself, or that security in combination with legal protection afforded by copyright, contract, trade secret and patent laws. Encryption has been used to prevent unauthorized persons from using intercepted information. In the PC area, many different software copy protection schemes are used, but all are based upon one or more software traps of some kind built into the program, and none are effective against the determined pirate.
One software protection mechanism is described in U.S. Pat. No. 4,471,163. To provide physical security for the information which may be stored in an electronic device, the patent describes that a circuit board on which the program lock is mounted is enclosed by top and bottom protective plates. Battery power for the components is supplied through a conductor which is glued to the inner surfaces of the protective plates By this technique, one attempting to gain access to the components on the printed circuit board would necessarily move at least one of the plates. Such movement results in breaking of the power lead to remove power from some of the components. If, as is suggested, the memory storing the information to be protected requires power, this interruption in the power lead would destroy the information that a pirate was seeking and therefore the information would remain protected. This tamper protection is of limited utility in that at most it can detect movement of that portion of the upper and lower cover plates which is directly glued to the power lead. A determined pirate with access to several such program locks could easily circumvent this protection, although it might mean destroying one or more circuit boards until he had discovered the extent of the protection.
In an entirely different field, Wetz, in U.S. Pat. No. 3,763,795 describes an alarm condition sensor to detect penetration of a vault or a safe. A panel is added to the exterior top, bottom, front, back and sides of the vault. Each panel is a composite of a frangible, opaque material on which a printed circuit is supported. The printed circuit is supplied with power and is arranged so that attempts to drill, cut or otherwise penetrate the panel will interrupt the electrical continuity of the printed circuit or short-circuit it to the exterior of the vault. While this protection may be quite effective in the context of protecting a vault, it has serious drawbacks in the context of protecting information.
Such vaults are usually located so that uninterrupted access to the vault is either impossible or difficult to procure. Because vaults are usually separately located, it is not practical for a thief to apply knowledge gained in a failure to breach a first vault in an attempt to penetrate other and different vaults.
On the other hand, electronic devices storing information may be widely distributed such that attaining uninterrupted access to such a device is not only not a problem, but it occurs regularly as a matter of course. It is conceivable that an attack on a device or installation to obtain information may be mounted in several stages:
1. Removal of covers or covers and any encapsulant; PA0 2. Identification of the location and function of security sensors; PA0 3. Bypassing of sensors to allow access to the next layer of protection, and so on.
Use of such carefully directed techniques (which can be likened to brain surgery) could, given sufficient time and resources, defeat existing protection systems. It goes without saying that, subject to such an attack, the protective system of Wetz would most certainly fail.
The design of most if not all alarm systems are subject to two competing considerations which typically require a compromise in implementing the desirable qualities of the alarm. On the one hand, we want our alarm device to be extremely sensitive to evidence of a threat; as the sensitivity increases the leeway allowed the pirate attempting to penetrate the protection contracts. On the other hand, our alarm system will be constructed out of real world devices and these are subject to environmental effects (changes in temperature, pressure, humidity, etc.) as well as aging (which can change a voltage supply, and device parameters, e.g. resistance, capacitance, etc.). The latter effect limits sensitivity to that which will not generate false alarms as device parameters change.
The systems described in U.S. Pat. Nos. 3,825,920; 4,459,583; 4,205,307; 4,225,859; 4,514,720 and 4,543,565 provide improved alarm sensors that are directed not at protecting information, but at protecting macroscopic objects or spaces.
Thus, it is an object of the invention to provide a system for the protection of information which may be stored in electronic circuits or the like in which the sensitivity to detection of intrusion is not compromised by providing for protection against false alarms. It is a concomitant object of the invention to provide physical protection for information which may be stored in electronic circuits in which achieving desirable sensitivity does not result in false alarms.